What is Apple’s Advanced Data Protection and why is it controversial?
The technology giant has confirmed it is removing the security feature from the UK after a stand-off with the Government.
Apple has confirmed it is removing one of its most powerful data security features from use in the UK after a row with the Government.
Advanced Data Protection (ADP), is an opt-in tool on Apple’s iCloud service which meant only an account holder could access the “majority” of file types such as photos or notes, as they were end-to-end encrypted – meaning even Apple cannot access them.
But a request from the UK Government revealed earlier this month to access this data sparked a stand-off on the issue, before Apple’s decision to pull the tool from the UK on Friday.
Here is a closer look at ADP, encryption and why its a row erupted with the Government.
– What is ADP and what does it do?
Apple’s iCloud, like many cloud services, uses encryption to protect user data when it is stored on their servers. This means it cannot be accessed by outsiders, but could be by Apple if they were legally compelled to do so or if a user asked the firm to help them recover lost data.
The next level up from this is end-to-end encryption, which completely locks out anyone but the account holder from the files in question and leaves them as the sole actor able to recover it.
This is what ADP offers, applying it to the “majority” of iCloud data, and locking it away from anyone else, including Apple itself.
But it is an opt-in feature, meaning users have to choose to turn it on in order to take advantage of it and is therefore not used by every iCloud user.
– Why is it now being withdrawn from the UK?
It was reported earlier this month that the UK Government had made a request to Apple, under the Investigatory Powers Act, to get broad access to encrypted files uploaded to iCloud, including those secured by end-to-end encryption under ADP.
In order to provide such access, Apple would have to create a security “backdoor” – a new key that would allow the Government to get around the encryption and access the files.
However, Apple has said publicly on numerous occasions in the past, including in its statement on Friday about ADP, that it would not create a backdoor and never will.
The company argues that once a backdoor has been created, it could easily be accessed and used by bad actors, breaking its encryption systems and therefore leaving iCloud users around the world vulnerable to data breaches.
So in response to the Government’s request, rather than comply and create a backdoor, Apple has chosen to withdraw ADP from the UK instead.
– Why did the Government want access to encrypted files?
Government, police and security services, and online safety charities have argued for some time that end-to-end encryption is being used by criminals such as terrorists and child abusers to more easily hide their activities online, and has hampered efforts to catch them.
The Government’s request to Apple was an attempt to force the firm to break its own encryption systems, and allow police and security services to more easily access such data when needed.
– What does the removal of ADP mean for UK users?
For many users, very little will actually change as ADP was opt-in and only those who had actively chosen to turn it on in the first place have been using it.
Apple said those already using it will see it withdrawn over time, but it can no longer be turned on for anyone wanting access in the UK now.
But even without ADP in place, Apple said more than a dozen iCloud data categories are still end-to-end encrypted by default, including health data and its password management system, iCloud Keychain.
In addition, Apple said its communications services, such as iMessage and FaceTime, remain end-to-end encrypted globally, including in the UK.
However, cybersecurity experts have warned that this has ultimately made UK users less secure, as they have lost access to a higher level of data protection that will remain available to users elsewhere.
